Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 15162733a01b506529c66aef02cf71334500df3a
https://github.com/WebKit/WebKit/commit/15162733a01b506529c66aef02cf71334500df3a
Author: Tyler Wilcock <[email protected]>
Date: 2025-06-02 (Mon, 02 Jun 2025)
Changed paths:
A
LayoutTests/accessibility/dirty-relations-and-modal-tree-update-crash-expected.txt
A LayoutTests/accessibility/dirty-relations-and-modal-tree-update-crash.html
M LayoutTests/platform/glib/TestExpectations
M LayoutTests/platform/ios/TestExpectations
A
LayoutTests/platform/ios/accessibility/dirty-relations-and-modal-tree-update-crash-expected.txt
M Source/WebCore/accessibility/AccessibilityObject.cpp
Log Message:
-----------
AX: When relations are dirty and a render tree update happens,
AccessibilityObject can access RenderText style for text with no parent,
causing a nullptr deref
https://bugs.webkit.org/show_bug.cgi?id=293830
rdar://152336028
Reviewed by Chris Fleizach.
We shouldn't access the style of RenderTexts without checking the presence of
their parent first, which may have been
destroyed as part of an ongoing render tree update.
New test added that crashes without this change.
*
LayoutTests/accessibility/dirty-relations-and-modal-tree-update-crash-expected.txt:
Added.
* LayoutTests/accessibility/dirty-relations-and-modal-tree-update-crash.html:
Added.
* LayoutTests/platform/glib/TestExpectations: Skip new test.
* LayoutTests/platform/ios/TestExpectations: Enable new test.
* Source/WebCore/accessibility/AccessibilityObject.cpp:
(WebCore::AccessibilityObject::style const):
Canonical link: https://commits.webkit.org/295704@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
